Valuable Tips On ERM System Implementation

November 20, 2014 7:55 pm0 commentsViews: 132

By : Mohammed Nasser Barakat

ERMEnterprise Risk Management (ERM) implementation is a big deal for any enterprise. An ERM system integrates all the business information and establishes effortless flow of communication. ERM aids management to oversee the risks in the entire organization’s functions and processes and to carry out decision making regarding risks on a large scale.

Enterprises are familiar with stories of failed ERM implementation. Its extensive nature makes a wide range of risks inevitable. Organizations fail to read them entirely and few risks slip through the crack. The repercussions hit hard, usually after the ERM system goes fully functional. Organizations are challenged with consistent obstructions in the business processes and their outcomes.

The key here is in preparing your organization for the stages before and after ERM implementation.  Let us look at the pitfalls and responses involved in the administration of ERM solutions : 

ERM program implementation is not exclusively an IT project!

Most organizations view ERM software implementation as an IT  program. They fail to realize that the implementation involves changes in business processes from lower to higher levels.

Transition of processes should be planned, understood and executed precisely. Employees, management and the board should be aware and trained to accept changes. The outcomes and benefits of alterations should be learned and communicated prior to the implementation of ERM application in order to nullify a sudden impact.

Management and officials in charge of an ERM software implementation process should work together to figure out the changes required and analyze the possible outcomes.

Set detailed plan with adequate timelines

Enterprises tend to overlook the time and resources required for ERM implementation.  Thus, those firms who have not prepared for contingencies during ERM implementation end up pushing back the launch date. Business functions relying on the ERM solution are put off; which, in turn, further affects the deliverables and triggers a chain of setbacks across interdependent functions and processes. The cumulative result of interrupted schedules fractures the strategic objective of the organization.

ERM1Constructing a detailed plan is necessary to even out an implementation process. When deciding on a deadline, leave space for schedule and contingency risks in the layout.  Likewise, set individual or team milestones to adhere to timelines through a step-by-step approach.

Equal participation from cross-functional departments

Every process should employ an efficient process-owner who will be accountable for decision-making and communicating the expected changes once the ERM solution comes into action. Consistently, these process owners will also have to address and report further changes even after the implementation of the program. 

Adequate data management

Risks emerging from data integration, conversion and authentication are some common factors leading to failure. Organizations should consistently and meticulously review the program to map data management slips. Allot sufficient time and resources to create an efficient and error-free data structure for the enterprise. 

Customize the ERM program to suit business processes

Standardization of processes is required, but not at the cost of customization.  Remember that an unhindered workflow is among top priorities for any business. 

Test the ERM solutions before implementing them

Managers are hard pressed for time, mostly because they provide inadequate schedules and ignore contingencies. To meet timelines, they have the tendency to skip the testing phase which turns out to be a crucial mistake in the future. Testing measures have to be conducted extensively to avoid huge maintenance costs following the implementation period.

The trial or testing phase should include :

  • End-to-end test to check upon the function and integration capability of the entire solution
  • Standalone tests to inspect individual transactions and work-specific functions
  • User-acceptance test to verify that a solution works for the user


Mohammed Nasser Barakat is the Consultancy Director at CAREweb Corporate Governance Consultancy offering Governance, Risk & Compliance (GRC) software used by the well known global business organizations. Nasser is Certified Control and Risk Self Assessment Practitioner (CCSA) and has 8 years experience in  Internal audit solutions and consultancy.  Check it out here for Enterprise Risk Management Tips.


Leave a Reply


Post Calendar

February 2018
« Nov    

Powered by WP Robot

%d bloggers like this: